Famous Hacker Suffers Web Site Break-Ins

TED BRIDIS

Published 7:00 pm, Sunday, February 9, 2003

Associated Press Writer

The world's best-known computer hacker suffered the indignity of having someone break into his new security consulting company's Web site. But Kevin Mitnick shrugged it off as "quite amusing," not serious enough for him to call the FBI.

Mitnick, whose federal probation on hacking charges ended a few weeks ago, acknowledged that this weekend's electronic break-in at Defensive Thinking Inc. of Los Angeles was actually the second time in weeks that hackers found a way into the computer running the firm's Web site.

A hacker calling himself "BugBear" added one page to Mitnick's corporate Web site on Jan. 30 with a message, "Welcome back to freedom, Mr. Kevin," and added that "it was fun and easy to break into your box." He included a photograph of a polar bear with two cubs.

Another, similar break-in occurred Sunday by a hacker in Texas who asked Mitnick to hire him as the company's security officer.

In neither instance did hackers vandalize the company's Web pages, and one said in e-mail that he didn't do damage "out of respect for me," Mitnick said.

Mitnick said he did not contact the FBI because the break-ins didn't involve any financial loss to his company, which advertises "training and expertise to help you stop information theft."

The FBI and Justice Department would not comment.

Most security experts consider the risk of such break-ins a nuisance for government agencies and corporations, since sensitive information about consumers is commonly stored on separate computers with better protection. But these break-ins can be embarrassing for organizations and indicate inattention to Internet security risks.

"No customer information was released nor was in danger of being compromised," Mitnick's company said in a statement Monday.

Mitnick's probation, which barred him from using the Internet, ended Jan. 20. He was released from prison three years ago after serving a five-year sentence. Mitnick was accused of costing companies millions of dollars by stealing software and altering computer information.

His supporters, who during his time behind bars plastered the phrase "Free Kevin" on hundreds of Web sites, maintain that his crimes were vastly exaggerated.

Mitnick said Monday that the hackers apparently exploited separate flaws in Internet server software from Microsoft Corp. The person responsible for the company's Web site failed to apply the repairing patches available from Microsoft, Mitnick said.

"I haven't had any time to play webmaster, but it looks like I'll have to look into it," Mitnick wrote in an e-mail to The Associated Press. "Actually, it's quite amusing. All the hackers out there figure if they can hack Kevin Mitnick's site, they're the king of the hill."